CVE-2021-43701

Published March 29th, 2022

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

CSZ CMS 1.2.9 has a Time and Boolean-based Blind SQL Injection vulnerability in the endpoint /admin/export/getcsv/article_db, via the fieldS[] and orderby parameters.

cskaza/cszcms

Open Source CMS (Content Management System) with Codeigniter and Bootstrap.

GitHub